A Facebook bug let app developers see photographs users had uploaded, but never posted, the social network said.
For two weeks in September, an error in the way Facebook shares photographs with third parties meant that apps could see not only photos users had posted on their Newsfeed, but also pictures in other parts of the site — on Facebook Stories or Facebook’s Marketplace, for instance.
The bug also “impacted photos that people uploaded to Facebook, but chose not to post,” Facebook developer Tomer Bar said in a statement on Friday.
Importantly, the only applications that had access to the hidden photographs were those to which users had already granted access to all their public photos, through the company’s application programming interface, Bar said.
“Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers,” Bar said.
Users affected are those who had given permission to third-party apps to access their photos through the Facebook log-in function. There is no evidence that the bug led to any large-scale extraction of photos from the site.
“We’re sorry this happened,” Bar added. “Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”
The error is comparatively minor given Facebook’s scale.
In September, almost five times as many accounts were affected by a data breach in which hackers accessed personal information, including name, relationship status, search activity and recent location check-ins.
“The vulnerability was the result of a complex interaction of three distinct software bugs and it impacted ‘view as,’ a feature that lets people see what their own profile looks like to someone else,” Facebook vice president of product management Guy Rosen said at the time.
“It allowed attackers to steal Facebook access tokens, which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app,” he added.
Showcasing phallus-shaped portable shrines and pink penis candies, Japan’s annual fertility festival yesterday teemed with tourists, couples and families elated by its open display of sex. The spring Kanamara Matsuri near Tokyo features colorfully dressed worshipers carrying a trio of giant phallic-shaped objects as they parade through the street with glee. The festival, as legend has it, honors a local blacksmith in the Edo Period (1603-1868) who forged an iron dildo to break the teeth of a sharp-toothed demon inhabiting a woman’s vagina that had been castrating young men on their wedding nights. A 1m black steel phallus sits in the courtyard of
HIGH HOPES: The power source is expected to have a future, as it is not dependent on the weather or light, and could be useful for places with large desalination facilities A Japanese water plant is harnessing the natural process of osmosis to generate renewable energy that could one day become a common power source. The possibility of generating power from osmosis — when water molecules pass from a less salty solution to a more salty one — has long been known. However, actually generating energy from that has proved more complicated, in part due the difficulty of designing the membrane through which the molecules pass. Engineers in Fukuoka, Japan, and their private partners think they might have cracked it, and have opened what is only the world’s second osmotic power plant. It generates
JAN. 1 CLAUSE: As military service is voluntary, applications for permission to stay abroad for over three months for men up to age 45 must, in principle, be granted A little-noticed clause in sweeping changes to Germany’s military service policy has triggered an uproar after it emerged that the law requires men aged up to 45 to get permission from the armed forces before any significant stay abroad, even in peacetime. The legislation, which went into effect on Jan. 1 aims to bolster the military and demands all 18-year-old men fill out a questionnaire to gauge their suitability to serve in the armed forces, but stops short of conscription. If the “modernized” model fails to pull in enough recruits, parliament will be compelled to discuss the reintroduction of compulsory service, German
Hundreds of Filipinos and tourists flocked to a sun-bleached field north of Manila yesterday, on Good Friday, to witness one of the country’s most blood-soaked displays of religious fervor, undeterred by rising fuel prices. Scores of bare-chested flagellants with covered faces walked barefoot through the dusty streets of Pampanga Province’s San Fernando as they flogged their backs with bamboo whips in the scorching heat. Agence France-Presse (AFP) journalists said they saw devotees deliberately puncturing their skin with glass shards attached to a small wooden paddle to ensure their bleeding during the ritual, a way to atone for sins and seek miracles from
RSS